Vulnerabilities > Microsoft

DATE CVE VULNERABILITY TITLE RISK
1999-07-07 CVE-1999-1537 Unspecified vulnerability in Microsoft Internet Information Server 3.0/4.0
IIS 3.x and 4.x does not distinguish between pages requiring encryption and those that do not, which allows remote attackers to cause a denial of service (resource exhaustion) via SSL requests to the HTTPS port for normally unencrypted files, which will cause IIS to perform extra work to send the files over SSL.
network
low complexity
microsoft
5.0
1999-07-06 CVE-1999-1478 Unspecified vulnerability in Microsoft Internet Information Server 3.0/4.0
The Sun HotSpot Performance Engine VM allows a remote attacker to cause a denial of service on any server running HotSpot via a URL that includes the [ character.
network
low complexity
microsoft
5.0
1999-06-30 CVE-1999-0140 Unspecified vulnerability in Microsoft Windows NT
Denial of service in RAS/PPTP on NT systems.
network
low complexity
microsoft
5.0
1999-06-28 CVE-1999-1365 Unspecified vulnerability in Microsoft Windows NT
Windows NT searches a user's home directory (%systemroot% by default) before other directories to find critical programs such as NDDEAGNT.EXE, EXPLORER.EXE, USERINIT.EXE or TASKMGR.EXE, which could allow local users to bypass access restrictions or gain privileges by placing a Trojan horse program into the root directory, which is writable by default.
local
low complexity
microsoft
7.2
1999-06-25 CVE-1999-1164 Unspecified vulnerability in Microsoft Outlook and Outlook Express
Microsoft Outlook client allows remote attackers to cause a denial of service by sending multiple email messages with the same X-UIDL headers, which causes Outlook to hang.
network
low complexity
microsoft
5.0
1999-05-17 CVE-1999-0489 Unspecified vulnerability in Microsoft Windows NT 4.0
MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to paste a file name into the file upload intrinsic control, a variant of "untrusted scripted paste" as described in MS:MS98-013.
network
low complexity
microsoft
critical
10.0
1999-05-12 CVE-1999-0229 Unspecified vulnerability in Microsoft Internet Information Server
Denial of service in Windows NT IIS server using ..\..
network
low complexity
microsoft
5.0
1999-05-11 CVE-1999-1520 Unspecified vulnerability in Microsoft Site Server 3.0
A configuration problem in the Ad Server Sample directory (AdSamples) in Microsoft Site Server 3.0 allows an attacker to obtain the SITE.CSC file, which exposes sensitive SQL database information.
network
low complexity
microsoft
5.0
1999-05-11 CVE-1999-1033 Denial of Service vulnerability in Outlook Express POP
Microsoft Outlook Express before 4.72.3612.1700 allows a malicious user to send a message that contains a .., which can inadvertently cause Outlook to re-enter POP3 command mode and cause the POP3 session to hang.
network
low complexity
microsoft
5.0
1999-05-07 CVE-1999-0739 Unspecified vulnerability in Microsoft Internet Information Server 4.0
The codebrws.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.
network
low complexity
microsoft
5.0